Lucene search
K

13 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Firefox

When a user has already allowed a website to access the microphone and camera, disabling camera sharing does not completely prevent the website from re-enabling them without an additional prompt. This is only possible if the website continues to record with the microphone until the camera is...

4.3CVSS5.5AI score0.00842EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/10/07 1:20 a.m.3 views

firefox: Clipboard write permission bypass

The Mozilla Foundation's Security Advisory: An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events...

7.5CVSS7.3AI score0.00426EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/10/03 11:20 a.m.8 views

firefox: Clipboard write permission bypass

The Mozilla Foundation's Security Advisory: An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events...

7.5CVSS7.3AI score0.00426EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/10/02 4:14 p.m.16 views

CVE-2024-8900

The Mozilla Foundation's Security Advisory: An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events...

7.5CVSS6.7AI score0.00426EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2024/09/17 7:15 p.m.14 views

CVE-2024-8900

An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox 129...

6.6AI score0.00426EPSS
Exploits0
Cvelist
Cvelist
added 2024/01/23 12:25 a.m.20 views

CVE-2024-23203

The issue was addressed with additional permissions checks. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.5. A shortcut may be able to use sensitive data with certain actions without prompting the user...

6.7AI score0.00918EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/07 8:29 a.m.55 views

libreoffice: Remote documents loaded without prompt via IFrame

A vulnerability was found in LibreOffice. Improper access control in the editor components of The Document Foundation in LibreOffice allows an attacker to craft a document that causes external links to load without a prompt. In the affected versions of LibreOffice documents that used "floating...

5.3CVSS5.8AI score0.02244EPSS
Exploits2References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.4 views

SUSE CVE-2006-2198

OpenOffice.org aka StarOffice 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user...

7.6CVSS6.9AI score0.03344EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/12/13 4:8 p.m.5 views

Mozilla: Fullscreen notification bypass via windowName

The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...

6.5CVSS7.3AI score0.007EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/11/21 4:21 p.m.4 views

Mozilla: Fullscreen notification bypass via windowName

The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...

6.5CVSS7.3AI score0.007EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/11/21 12:37 p.m.5 views

Mozilla: Fullscreen notification bypass

The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popup and window.print calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...

6.5CVSS7.3AI score0.0061EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/11/21 11:35 a.m.6 views

Mozilla: Fullscreen notification bypass via windowName

The Mozilla Foundation Security Advisory describes this flaw as: Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks...

6.5CVSS7.3AI score0.007EPSS
Exploits0References6
Prion
Prion
added 2021/08/23 8:15 p.m.16 views

Security feature bypass

There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the target device...

5CVSS7.4AI score0.00607EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder